package yy.robot.controller;

import org.apache.commons.lang.RandomStringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.util.Assert;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import yy.robot.domain.AuthType;
import yy.robot.domain.Response;
import yy.robot.domain.User;
import yy.robot.exception.LoginException;
import yy.robot.service.UserService;

import javax.servlet.http.HttpServletRequest;

/**
 * Created by BaiJiFeiLong@gmail.com at 2018/5/5 17:34
 */
@SuppressWarnings("SpringJavaAutowiredFieldsWarningInspection")
@RestController
public class AccountController extends BaseController {

    @Autowired
    private UserService userService;

    @Autowired
    private StringRedisTemplate redisTemplate;

    private String getAuthCode(String phone) {
        return redisTemplate.opsForValue().get(String.format("SJQ:AUTHCODE:%s", phone));
    }

    private void checkAuthCode(String phone, String authCode) {
        String authCodeOnServer = getAuthCode(phone);
        if (authCodeOnServer == null) {
            throw new LoginException("验证码未发送");
        } else if (!authCodeOnServer.equals(authCode)) {
            throw new LoginException("验证码错误");
        }
    }

    @PostMapping("/reg")
    public Response<User> register(
            @RequestParam String phone,
            @RequestParam String authCode,
            @RequestParam String username,
            @RequestParam String password
    ) {
        checkAuthCode(phone, authCode);

        User user = new User();
        user.setUsername(username);
        user.setPassword(password);
        user.setPhone(phone);
        userService.create(user);
        return new Response<>(user);
    }

    @PostMapping("token")
    public Response<String> token(
            @RequestParam AuthType authType,
            @RequestParam(required = false) String username,
            @RequestParam(required = false) String password,
            @RequestParam(required = false) String phone,
            @RequestParam(required = false) String authCode,
            HttpServletRequest request
    ) {
        User user;
        if (authType == AuthType.PASSWORD) {
            Assert.notNull(username, "用户名不能为空");
            Assert.notNull(password, "密码不能为空");
            user = userService.findByUsername(username);
            if (!user.getPassword().equals(password)) {
                throw new LoginException("密码错误");
            }
        } else if (authType == AuthType.PHONE) {
            Assert.notNull(phone, "手机号不能为空");
            Assert.notNull(authCode, "验证码不能为空");
            checkAuthCode(phone, authCode);
            user = userService.findByPhone(phone);
        } else {
            throw new LoginException("不支持的登录方式");
        }

        String token = RandomStringUtils.randomAlphanumeric(32);
        redisTemplate.opsForValue().set(String.format("SJQ:TOKEN:%s", token), String.valueOf(user.getId()));
        return new Response<>(token);
    }
}